The statements in this section merely provide background information related to the present disclosure and may not constitute prior art. In computer usage today, computer security is no longer a convenience, but instead, a requirement. In order to understand the security posture of an organization, it is necessary to approach it with a holistic view and consider network assets simultaneously.
In the past, it has been a standard practice to make a security assessment before deploying a new network or modifying an existing network and to have periodic assessments over networks that are in production. Penetration tests are one of the preferred methods for security assessment. A penetration test is a process by which a security auditor attempts to gain unauthorized access to the computer system or network. New trends in network technologies make penetration testing more difficult, specifically, networks have grown in size, the networks implement a wider variety of configurations and more complex configurations, and the networks include newer devices (e.g., embedded devices). These new trends in network technologies have created new flows of information and control, and therefore new attack vectors. As a result, the job of making these security assessments has become more difficult and challenging.
There are many reasons why a Chief Security Officer or other party might not want to have a penetration test (pen-test) against his network, or might not be able to perform a penetration test. As an example, this may be either because, he may not want to risk disrupting the availability of the network, or because the network has not been implemented yet. For example, it is common in Web application development or SCADA (Supervisory Control and Data Acquisition, which are industrial control systems), to duplicate the production environment on a “staging environment” accurately mimicking or mirroring the first to anticipate changes and their impact. When this is done, all changes are first made in the staging environment, the security assessments and other functional tests are done in the staging environment and these changes are only deployed in the production environment once all the tests are cleared.
Staging is a good practice, which is very difficult to adopt in the case of network security due to several reasons. Presently, it is not possible to deploy computer networks of hundreds of computers in arbitrary topologies and configurations efficiently. Also, one cannot duplicate the behavior of a complete standard sized network including the elements mentioned, the security holes, and their consequences. This is because, one would be required to buy two times the hardware and software licenses, and there are no means for implementing the installation and configuration automatically. Of course, there are other reasons why it is not possible to deploy computer networks of hundreds of computers in arbitrary topologies and configurations efficiently.
There are various reasons why one would need to simulate computer networks so that they can be attacked. As an example, presently, there are no programs for teaching penetration testing or other forms of computer security and this turns out to be a difficult job. Education programs would require providing vulnerable scenarios with which students can experiment. These pedagogical objectives also require a rapid, flexible and reproducible configuration of scenarios, not available in real installations or in virtualized network environments designed for more general purposes.
A second example of a reason why one would need to simulate computer networks so that they can be attacked is due to the design of attack tools and refinement of older tools requiring network simulation. Explicitly, in order to test an attack technology it is necessary to make attack experiments against different targets. However, providing these targets is costly and inefficient with the tools of today. For example, there might be a desire to design an attack-planning algorithm, which is an interactive algorithm that receives as input a connection to a network, a target, and a set of actions with their requirements, and iteratively constructs and executes an attack which achieves the target.
In view of the shortcomings discussed above, there is a need for a system and method for simulating computers and computer networks that takes an entirely fresh approach and overcomes the drawbacks of the conventional techniques. Thus, a heretofore unaddressed need exists in the industry to address the aforementioned deficiencies and inadequacies.